Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mozjpeg — heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file Related CVEs: CVE-2020-13790 Upstream summary: NIST reports: Heap-based buffer over-read in get_rgb_row() in rdppm.c via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dircproxy — remote denial of service Related CVEs: CVE-2007-5226 Upstream summary: Securiweb reports: dircproxy allows remote attackers to cause a denial of service (segmentation fault) via an ACTION command without […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libntlm — buffer overflow vulnerability Related CVEs: CVE-2019-17455 Upstream summary: NVD reports: Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: vim — potential data loss with zip.vim and specially crafted zip files Related CVEs: CVE-2004-1138 CVE-2005-2368 CVE-2007-2953 CVE-2008-2712 CVE-2008-3076 CVE-2008-3432 CVE-2016-1248 CVE-2025-27423  +1 more Upstream summary: Vim reports: See https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fail2ban — possible RCE vulnerability in mailing action using mailutils Related CVEs: CVE-2021-32749 Upstream summary: Jakub Żoczek reports: Command mail from mailutils package used in mail actions like mail-whois can […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mgetty+sendfax — symlink attack via insecure temporary files Related CVEs: CVE-2008-4936 Upstream summary: Debian reports: Faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: streamripper — multiple buffer overflows Related CVEs: CVE-2008-4829 Upstream summary: Secunia reports: A boundary error exists within http_parse_sc_header() in lib/http.c when parsing an overly long HTTP header starting with "Zwitterion […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lasso — signature checking failure Related CVEs: CVE-2021-28091 Upstream summary: entrouvert reports: When AuthnResponse messages are not signed (which is permitted by the specifiation), all assertion's signatures should be checked, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gd — '_gdGetColors' remote buffer overflow vulnerability Related CVEs: CVE-2009-3546 Upstream summary: CVE reports: The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xapian-omega — cross-site scripting vulnerability Related CVEs: CVE-2009-2947 Upstream summary: Olly Betts reports: There's a cross-site scripting issue in Omega – exception messages don't currently get HTML entities escaped, but […]